chtěl bych Vás požádat o kontrolu logu z RSITU. Počítač se mi zdá v pořádku, ale MWAV mi našel vir v uninstal programu VLC. A ještě mi označil nějaký vadný registr. Tak nevím, co to znamená. Mohli byste mi poradit?
MWAVEntry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".swidtag". Action Taken: No Action Taken.
File C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe infected by "Gen:Trojan.Heur.P.bK4@fu!J27h (DB)" Virus! Action Taken: No Action Taken.
RSIT Logfile of random's system information tool 1.10 (written by random/random)
Run by Mike at 2016-01-24 16:02:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 217 GB (45%) free of 477 GB
Total RAM: 8136 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:03:04, on 24.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18163)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Avast\AvastUI.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Mike.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10207 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Windows\System32\StikyNot.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "374322993-2070980499-115964404213349804272221111382003042141378697501912090686
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8088.0.937560225\436965389" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/Control/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A4_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8088.1.325707285\67162117" --font-cache-shared-handle=2000 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/Control/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A4_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8088.2.1303105193\176699133" --font-cache-shared-handle=2356 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe37_ Global\UsGthrCtrlFltPipeMssGthrPipe37 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
taskhost.exe $(Arg0)
"C:\Users\Mike\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6ky4rbed.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.72.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.72.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Avast\aswWebRepIE64.dll [2015-11-14 885152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-01-23 462432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Avast\aswWebRepIE.dll [2015-11-14 664184]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-01-23 173152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-06-04 173672]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2015-06-04 401512]
"Persistence"=C:\Windows\system32\igfxpers.exe [2015-06-04 444008]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2015-11-14 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2015-11-14 5908928]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-18 13657304]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-12-09 2771576]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-12-09 1846016]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-28 2841896]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2015-11-14 206176]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-01-18 50615936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 597040]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Avast\AvastUI.exe [2015-12-13 7021880]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-12-08 24952456]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-06-07 56128]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 597040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2015-05-26 442880]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
"HideFastUserSwitching"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=153
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-01-24 16:02:57 ----D---- C:\Program Files\trend micro
2016-01-24 16:02:56 ----D---- C:\rsit
2016-01-23 13:13:55 ----D---- C:\Program Files (x86)\GRETECH
2016-01-23 12:08:07 ----A---- C:\Windows\ntbtlog.txt
2016-01-23 11:51:27 ----AD---- C:\Windows\rundll16.exe
2016-01-23 11:51:27 ----AD---- C:\Windows\logo1_.exe
2016-01-23 02:29:14 ----RD---- C:\Program Files (x86)\Skype
2016-01-22 11:36:27 ----A---- C:\Windows\system32\win32k.sys
2016-01-22 02:52:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-01-22 02:52:02 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-01-22 02:52:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-01-22 02:52:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-01-22 02:52:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-01-22 02:52:02 ----A---- C:\Windows\system32\iertutil.dll
2016-01-22 02:52:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-01-22 02:52:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-01-22 02:52:01 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-01-22 02:52:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-01-22 02:52:01 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-01-22 02:52:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-01-22 02:52:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-01-22 02:52:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-01-22 02:52:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-01-22 02:52:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-01-22 02:52:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-22 02:52:01 ----A---- C:\Windows\system32\iernonce.dll
2016-01-22 02:52:01 ----A---- C:\Windows\system32\ie4uinit.exe
2016-01-22 02:52:00 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-01-22 02:52:00 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-01-22 02:52:00 ----A---- C:\Windows\system32\urlmon.dll
2016-01-22 02:52:00 ----A---- C:\Windows\system32\occache.dll
2016-01-22 02:52:00 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-01-22 02:52:00 ----A---- C:\Windows\system32\iedkcs32.dll
2016-01-22 02:51:59 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-01-22 02:51:59 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-01-22 02:51:59 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-01-22 02:51:59 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-01-22 02:51:59 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-01-22 02:51:59 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-22 02:51:59 ----A---- C:\Windows\system32\msfeeds.dll
2016-01-22 02:51:59 ----A---- C:\Windows\system32\dxtrans.dll
2016-01-22 02:51:58 ----A---- C:\Windows\system32\iesetup.dll
2016-01-22 02:51:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-01-22 02:51:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-01-22 02:51:57 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-01-22 02:51:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-01-22 02:51:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-01-22 02:51:57 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-01-22 02:51:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-01-22 02:51:57 ----A---- C:\Windows\system32\vbscript.dll
2016-01-22 02:51:57 ----A---- C:\Windows\system32\jsproxy.dll
2016-01-22 02:51:56 ----A---- C:\Windows\system32\ieui.dll
2016-01-22 02:51:56 ----A---- C:\Windows\system32\ieframe.dll
2016-01-22 02:51:56 ----A---- C:\Windows\system32\dxtmsft.dll
2016-01-22 02:51:55 ----A---- C:\Windows\system32\webcheck.dll
2016-01-22 02:51:55 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-01-22 02:51:55 ----A---- C:\Windows\system32\mshtmled.dll
2016-01-22 02:51:55 ----A---- C:\Windows\system32\ieUnatt.exe
2016-01-22 02:51:54 ----A---- C:\Windows\system32\wininet.dll
2016-01-22 02:51:54 ----A---- C:\Windows\system32\jscript9diag.dll
2016-01-22 02:51:54 ----A---- C:\Windows\system32\jscript9.dll
2016-01-22 02:51:54 ----A---- C:\Windows\system32\jscript.dll
2016-01-22 02:51:54 ----A---- C:\Windows\system32\ieapfltr.dll
2016-01-22 02:51:53 ----A---- C:\Windows\system32\msrating.dll
2016-01-22 02:51:53 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-01-22 02:51:52 ----A---- C:\Windows\system32\mshtml.dll
2016-01-22 02:51:44 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-22 02:51:44 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-22 02:51:44 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-22 02:51:44 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-22 02:51:44 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-22 02:51:44 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-22 02:51:44 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-22 02:51:44 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-22 02:51:44 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-22 02:51:44 ----A---- C:\Windows\system32\mf.dll
2016-01-22 02:51:43 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-22 02:51:43 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-22 02:51:43 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-22 02:51:43 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-01-22 02:51:43 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-22 02:51:43 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-01-22 02:51:43 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-01-22 02:51:43 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-22 02:51:43 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-22 02:51:43 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-22 02:51:43 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-22 02:51:43 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-22 02:51:43 ----A---- C:\Windows\system32\wmpmde.dll
2016-01-22 02:51:43 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-22 02:51:43 ----A---- C:\Windows\system32\quartz.dll
2016-01-22 02:51:43 ----A---- C:\Windows\system32\mcmde.dll
2016-01-22 02:51:43 ----A---- C:\Windows\system32\evr.dll
2016-01-22 02:51:43 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-01-22 02:51:42 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-22 02:51:42 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-22 02:51:42 ----A---- C:\Windows\system32\rrinstaller.exe
2016-01-22 02:51:42 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\system32\qdvd.dll
2016-01-22 02:51:42 ----A---- C:\Windows\system32\qasf.dll
2016-01-22 02:51:42 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-22 02:51:42 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-22 02:51:42 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-22 02:51:42 ----A---- C:\Windows\system32\mfps.dll
2016-01-22 02:51:42 ----A---- C:\Windows\system32\mfplat.dll
2016-01-22 02:51:42 ----A---- C:\Windows\system32\devenum.dll
2016-01-22 02:51:41 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-01-22 02:51:41 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-01-22 02:51:41 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-01-22 02:51:41 ----A---- C:\Windows\system32\mfpmp.exe
2016-01-22 02:51:41 ----A---- C:\Windows\system32\mferror.dll
2016-01-22 02:51:41 ----A---- C:\Windows\system32\ksuser.dll
2016-01-22 02:51:41 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-01-22 02:51:41 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-01-22 02:51:41 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-01-22 02:51:39 ----A---- C:\Windows\system32\appraiser.dll
2016-01-22 02:51:38 ----A---- C:\Windows\system32\invagent.dll
2016-01-22 02:51:38 ----A---- C:\Windows\system32\generaltel.dll
2016-01-22 02:51:38 ----A---- C:\Windows\system32\devinv.dll
2016-01-22 02:51:38 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-01-22 02:51:38 ----A---- C:\Windows\system32\aepic.dll
2016-01-22 02:51:38 ----A---- C:\Windows\system32\acmigration.dll
2016-01-22 02:51:36 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-01-22 02:51:36 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-01-22 02:51:36 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-01-22 02:51:36 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-01-22 02:51:36 ----A---- C:\Windows\system32\nlsbres.dll
2016-01-22 02:51:36 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-01-22 02:51:36 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-01-22 02:51:36 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-01-22 02:51:34 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-22 02:51:34 ----A---- C:\Windows\system32\gdi32.dll
2016-01-22 02:51:34 ----A---- C:\Windows\system32\aeinv.dll
2016-01-22 02:51:33 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-01-22 02:51:33 ----A---- C:\Windows\system32\qedit.dll
2016-01-22 02:51:33 ----A---- C:\Windows\system32\advapi32.dll
2016-01-22 02:51:32 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-22 02:51:29 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-01-22 02:51:29 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-01-22 02:51:29 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-01-22 02:51:29 ----A---- C:\Windows\system32\mapistub.dll
2016-01-22 02:51:29 ----A---- C:\Windows\system32\mapi32.dll
2016-01-22 02:51:29 ----A---- C:\Windows\system32\fixmapi.exe
2016-01-22 02:50:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-22 02:50:19 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-01-22 02:50:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-01-22 02:50:19 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-01-22 02:50:19 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-01-22 02:50:19 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-01-22 02:50:19 ----A---- C:\Windows\system32\schannel.dll
2016-01-22 02:50:19 ----A---- C:\Windows\system32\rpcrt4.dll
2016-01-22 02:50:19 ----A---- C:\Windows\system32\ncrypt.dll
2016-01-22 02:50:19 ----A---- C:\Windows\system32\lsasrv.dll
2016-01-22 02:50:19 ----A---- C:\Windows\system32\kernel32.dll
2016-01-22 02:50:19 ----A---- C:\Windows\system32\kerberos.dll
2016-01-22 02:50:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-01-22 02:50:18 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-01-22 02:50:18 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-01-22 02:50:18 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-01-22 02:50:18 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-01-22 02:50:18 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-01-22 02:50:18 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-01-22 02:50:18 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-01-22 02:50:18 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-01-22 02:50:18 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-01-22 02:50:18 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-01-22 02:50:18 ----A---- C:\Windows\system32\winsrv.dll
2016-01-22 02:50:18 ----A---- C:\Windows\system32\wdigest.dll
2016-01-22 02:50:18 ----A---- C:\Windows\system32\TSpkg.dll
2016-01-22 02:50:18 ----A---- C:\Windows\system32\sspisrv.dll
2016-01-22 02:50:18 ----A---- C:\Windows\system32\sspicli.dll
2016-01-22 02:50:18 ----A---- C:\Windows\system32\secur32.dll
2016-01-22 02:50:18 ----A---- C:\Windows\system32\ntvdm64.dll
2016-01-22 02:50:18 ----A---- C:\Windows\system32\ntdll.dll
2016-01-22 02:50:18 ----A---- C:\Windows\system32\msv1_0.dll
2016-01-22 02:50:18 ----A---- C:\Windows\system32\lsass.exe
2016-01-22 02:50:18 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-01-22 02:50:18 ----A---- C:\Windows\system32\cryptbase.dll
2016-01-22 02:50:18 ----A---- C:\Windows\system32\credssp.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-22 02:50:17 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-22 02:50:17 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-01-22 02:50:17 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-01-22 02:50:17 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-01-22 02:50:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-01-22 02:50:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-01-22 02:50:17 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-01-22 02:50:17 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-01-22 02:50:17 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-01-22 02:50:17 ----A---- C:\Windows\system32\wow64win.dll
2016-01-22 02:50:17 ----A---- C:\Windows\system32\wow64cpu.dll
2016-01-22 02:50:17 ----A---- C:\Windows\system32\wow64.dll
2016-01-22 02:50:17 ----A---- C:\Windows\system32\srcore.dll
2016-01-22 02:50:17 ----A---- C:\Windows\system32\srclient.dll
2016-01-22 02:50:17 ----A---- C:\Windows\system32\smss.exe
2016-01-22 02:50:17 ----A---- C:\Windows\system32\rstrui.exe
2016-01-22 02:50:17 ----A---- C:\Windows\system32\KernelBase.dll
2016-01-22 02:50:17 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-01-22 02:50:17 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-01-22 02:50:17 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-01-22 02:50:17 ----A---- C:\Windows\system32\csrsrv.dll
2016-01-22 02:50:17 ----A---- C:\Windows\system32\conhost.exe
2016-01-22 02:50:17 ----A---- C:\Windows\system32\auditpol.exe
2016-01-22 02:50:17 ----A---- C:\Windows\system32\apisetschema.dll
2016-01-22 02:50:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-22 02:50:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-22 02:50:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-22 02:50:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-22 02:50:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-22 02:50:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-22 02:50:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-22 02:50:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-22 02:50:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-22 02:50:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-22 02:50:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-22 02:50:16 ----A---- C:\Windows\SYSWOW64\user.exe
2016-01-22 02:50:16 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-01-22 02:50:16 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-01-22 02:50:16 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-01-22 02:50:16 ----A---- C:\Windows\system32\msobjs.dll
2016-01-22 02:50:16 ----A---- C:\Windows\system32\msaudite.dll
2016-01-22 02:50:16 ----A---- C:\Windows\system32\adtschema.dll
2016-01-18 20:57:11 ----A---- C:\Windows\SYSWOW64\log.txt
2016-01-18 20:45:05 ----HD---- C:\ProgramData\tks
2016-01-13 18:12:22 ----A---- C:\Windows\SYSWOW64\msvcr100d.dll
2016-01-13 18:11:59 ----A---- C:\Windows\system32\msvcr100d.dll
2016-01-13 18:10:05 ----A---- C:\Windows\system32\msvcp100d.dll
2016-01-13 18:09:52 ----A---- C:\Windows\SYSWOW64\msvcp100d.dll
2016-01-13 18:04:09 ----D---- C:\Users\Mike\AppData\Roaming\edxLabs
2016-01-11 08:36:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-01-04 22:29:32 ----AD---- C:\Windows\VDLL.DLL
2016-01-04 22:29:32 ----AD---- C:\Windows\SYSWOW64\runouce.exe
2016-01-04 22:29:32 ----AD---- C:\Windows\RUNDL132.EXE
2016-01-04 22:29:32 ----AD---- C:\Windows\logo_1.exe
2016-01-02 17:40:28 ----D---- C:\Program Files (x86)\Codec Pack - All In 1
2016-01-02 17:40:28 ----A---- C:\Windows\iun6002.exe
2016-01-02 14:07:48 ----D---- C:\ProgramData\Energy Management
2015-12-31 16:19:20 ----A---- C:\Windows\system32\drivers\trufos.sys
2015-12-31 16:19:14 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2015-12-31 16:19:12 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2015-12-31 16:19:11 ----A---- C:\Windows\SYSWOW64\msvcp90.dll
2015-12-31 16:19:10 ----A---- C:\Windows\SYSWOW64\msvcr90.dll
2015-12-31 16:19:09 ----A---- C:\Windows\SYSWOW64\eEmpty.exe
2015-12-31 16:18:51 ----D---- C:\ProgramData\MicroWorld
2015-12-27 13:27:54 ----A---- C:\Windows\oodjobd.INI
2015-12-25 17:36:07 ----D---- C:\Program Files (x86)\uTorrent 2.2.1
======List of files/folders modified in the last 1 month======
2016-01-24 16:02:57 ----RD---- C:\Program Files
2016-01-24 15:47:20 ----D---- C:\Users\Mike\AppData\Roaming\vlc
2016-01-24 14:04:23 ----D---- C:\Windows\Temp
2016-01-24 13:43:54 ----D---- C:\Windows\system32\config
2016-01-23 13:29:51 ----HD---- C:\ProgramData
2016-01-23 13:29:31 ----RD---- C:\Program Files (x86)
2016-01-23 12:08:07 ----D---- C:\Windows
2016-01-23 11:36:35 ----SHD---- C:\Windows\Installer
2016-01-23 11:27:18 ----D---- C:\Windows\System32
2016-01-23 11:27:09 ----D---- C:\Windows\debug
2016-01-23 11:25:29 ----D---- C:\Windows\inf
2016-01-23 04:04:33 ----D---- C:\Windows\system32\drivers
2016-01-23 04:01:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-23 02:30:03 ----D---- C:\Users\Mike\AppData\Roaming\Skype
2016-01-23 02:29:18 ----D---- C:\ProgramData\Skype
2016-01-23 02:29:15 ----D---- C:\Program Files (x86)\Common Files
2016-01-23 02:26:45 ----D---- C:\Windows\SysWOW64
2016-01-23 02:26:25 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-01-23 02:26:10 ----D---- C:\Program Files (x86)\Java
2016-01-23 00:06:43 ----D---- C:\Windows\rescache
2016-01-22 12:15:41 ----D---- C:\Windows\winsxs
2016-01-22 11:37:18 ----D---- C:\ProgramData\Microsoft Help
2016-01-22 03:01:08 ----RSD---- C:\Windows\Fonts
2016-01-22 03:01:08 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-01-22 03:01:08 ----D---- C:\Windows\system32\cs-CZ
2016-01-22 03:01:08 ----D---- C:\Program Files\Internet Explorer
2016-01-22 03:01:07 ----SD---- C:\Windows\system32\CompatTel
2016-01-22 03:01:07 ----D---- C:\Windows\SYSWOW64\en-US
2016-01-22 03:01:07 ----D---- C:\Windows\system32\en-US
2016-01-22 03:01:07 ----D---- C:\Windows\system32\appraiser
2016-01-22 03:01:07 ----D---- C:\Windows\AppPatch
2016-01-22 03:01:07 ----D---- C:\Program Files (x86)\Internet Explorer
2016-01-22 03:01:06 ----D---- C:\Windows\system32\DriverStore
2016-01-22 02:55:33 ----D---- C:\Windows\system32\MRT
2016-01-22 02:55:31 ----A---- C:\Windows\system32\MRT.exe
2016-01-22 02:51:11 ----D---- C:\Windows\system32\catroot2
2016-01-22 02:34:20 ----D---- C:\Windows\system32\NDF
2016-01-21 12:58:54 ----D---- C:\Users\Mike\AppData\Roaming\XnView
2016-01-18 20:58:00 ----D---- C:\Windows\SoftwareDistribution
2016-01-18 20:52:18 ----D---- C:\Program Files (x86)\Wise 365 Pro Portable
2016-01-15 01:00:48 ----SD---- C:\Users\Mike\AppData\Roaming\Microsoft
2016-01-14 11:44:42 ----D---- C:\Windows\system32\Tasks
2016-01-11 18:52:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-09 14:08:11 ----D---- C:\Windows\Logs
2016-01-04 15:24:39 ----A---- C:\Windows\win.ini
2016-01-02 17:38:09 ----D---- C:\ProgramData\Package Cache
2016-01-02 17:36:43 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-12-31 19:23:06 ----D---- C:\Windows\Tasks
2015-12-27 14:26:58 ----D---- C:\Windows\SYSWOW64\config
2015-12-27 14:24:29 ----D---- C:\Windows\Help
2015-12-27 13:34:02 ----SHD---- C:\System Volume Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-13 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-13 273784]
R0 fbfmon;fbfmon; C:\Windows\system32\drivers\fbfmon.sys [2015-11-14 57952]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-05-30 569152]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2015-11-14 39008]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-12-16 31352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-12-13 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-20 1065208]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-20 464256]
R1 BPntDrv;BPntDrv; C:\Windows\system32\drivers\BPntDrv.sys [2015-11-14 13408]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-13 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-19 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-12-13 155304]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2015-11-14 29792]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-11-14 30264]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-05-26 5375448]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-10-22 3692632]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-10-02 342528]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2010-12-13 174168]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2013-10-30 458960]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2014-03-06 11527888]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-12-09 19576]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-28 398896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2014-08-03 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2014-08-03 27760]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2015-12-31 350160]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast\AvastSvc.exe [2015-12-13 226440]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-12-09 1156216]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-05-30 13632]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-12-09 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-12-09 6477432]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-12-16 1256240]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-10-16 289496]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2015-12-09 8185464]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-06-19 104120]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-06-19 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-14 136048]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-14 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-06-04 280680]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-14 136048]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-14 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-12-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-11 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-11-14 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-06-19 50352]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
-----------------EOF-----------------
Po vyčištění se počítač ještě restartuje a až pak se objeví log 
Děkuji Vám za rychlou odezvu a pomoc při vyčištění nt 
Přispějete na provoz fóra?